Medium severity6.1NVD Advisory· Published Jun 9, 2025· Updated Jun 17, 2026
CVE-2025-46178
CVE-2025-46178
Description
Cross-Site Scripting (XSS) vulnerability exists in askquery.php via the eid parameter in the CloudClassroom PHP Project. This allows remote attackers to inject arbitrary JavaScript in the context of a victim s browser session by sending a crafted URL, leading to session hijacking or defacement.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CloudClassroom/PHP Projectdescription
Patches
Vulnerability mechanics
References
1- github.com/SacX-7/CVE-2025-46178/blob/main/Cross-Site%20Scripting%20%28XSS%29%20in%20CloudClassroom%20PHP%20ProjectnvdMitigationThird Party Advisory
News mentions
0No linked articles in our index yet.